Tutelar

Google integration

With this integration you can add Login with Google button to your application. We integrated the original flow.

Pre-config

Before you start, you need to register/create your application in google dev console. The callback url is the trickiest part. For local tests you can use https://lvh.me:9443/google/callback or https://localtest.me:9443/google/callback (these domains pointed to 127.0.0.1 which will be your local machine). For production, you want to use your own (tutelar) domain (with the /google/callback path).

Note

Note the https and 9443 port. Google only accepst http and https domains, https is the prefered. It need a full callback url!

After you created your new OAuth2 app on the google dev console, you will need the clientId and clientSecret.

Configuration

You should set the oauth2.google.clientId, oauth2.google.clientSecret and oauth2.google.scopes variables. The first two cames from the pre-config step. The last one is openid,email,profile by default, but you can use anything from the official list. (If you use multiple scopes, you need to separate them with , like a,b,c.)

Also you should set the rootUrl correctly (it is needed for the callbacks). And the callback.success and callback.failure to handle redirects correctly.

Furthermore, if you’d like to be able to use the token endpoint for retrieving the user’s access tokens, you should set the oauth2.google.auth to the desired authentication method and set the corresponding configurations as well.

Example

Your frontend is on https://example.com, your tutelar service is on https://auth.example.com.

The rootUrl should be https://auth.example.com. The success url is something like https://example.com/authentication?token=<<TOKEN>> and the failure like https://example.com/authenticationError/<<ERROR>>

Hooks data

The hooks will contain the user profile from https://www.googleapis.com/oauth2/v2/userinfo.

Getting more data from the API

You can get the user’s access token for Google account by calling the https://lvh.me:9443/google/token?userId=<<USER_ID>> endpoint where the <<USER_ID>> query param is the id found in the JWT provided by the user.

Frontend for registration

Not needed to differenciate your registration and login frontend.

Frontend for login

The easiest way to create a proper button is using an already created lib for it.

If you want to go with minimal HTML:

<a id="google-button" class="btn btn-block btn-social btn-google">
  <i class="fa fa-google"></i> Sign in with Google
</a>

You should add a href="https://auth.example.com/google/login" to the <a> tag too.

Or if you want to go with the official just use that.

Mobile implementation

Warning

The correct mobile implementation is not yet designed.

The source code for this page can be found here.

Next: Microsoft integration